Add granularity to token termination in TPS

BZ 1163987. Added revocation checks to optionally revoke expired certs, and handle cases where certs are shared on multiple tokens.
author: Ade Lee <alee@redhat.com> 2015-02-11 16:28:50 -0500
committer: Ade Lee <alee@redhat.com> 2015-02-26 23:21:46 -0500
commit: 705084a0021e161f1b4cea25dbaf622cfe68c47e (patch)
tree: bd423d083327a96423b9864e7851dffcc5b5ef99 /base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
parent: 3b6664da6c762a592573d5fa05043ecca20bf7a7 (diff)
download: pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.tar.gz
pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.tar.xz
pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.zip
1 files changed, 6 insertions, 5 deletions
diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
index 482236bc3..c74fe2cb6 100644
--- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
+++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
@@ -1004,7 +1004,7 @@ public class TPSEnrollProcessor extends TPSProcessor {
          * Get certs from the tokendb for this token to find out about
          * renewal possibility
          */
-        ArrayList<TPSCertRecord> allCerts = tps.tdb.tdbGetCertificatesByCUID(tokenRecord.getId());
+        ArrayList<TPSCertRecord> allCerts = tps.tdb.tdbGetCertRecordsByCUID(tokenRecord.getId());
 
         certsInfo.setNumCertsToEnroll(keyTypeNum);
 
@@ -1366,7 +1366,7 @@ public class TPSEnrollProcessor extends TPSProcessor {
                     actualCertIndex++;
                 }
 
-                ArrayList<TPSCertRecord> certs = tps.tdb.tdbGetCertificatesByCUID(toBeRecovered.getId());
+                ArrayList<TPSCertRecord> certs = tps.tdb.tdbGetCertRecordsByCUID(toBeRecovered.getId());
 
                 String serialToRecover = null;
                 TPSCertRecord certToRecover = null;
@@ -1441,10 +1441,11 @@ public class TPSEnrollProcessor extends TPSProcessor {
                         }
                     }
 
-                    // set cert status to active
-                    certToRecover.setStatus("active");
                     try {
-                        tps.tdb.tdbUpdateCertEntry(certToRecover);
+                        // set cert status to active
+                        tps.tdb.updateCertsStatus(certToRecover.getSerialNumber(),
+                                                  certToRecover.getIssuedBy(),
+                                                  "active");
                     } catch (Exception e) {
                         auditMsg = "failed tdbUpdateCertEntry";
                         CMS.debug(method + ":" + auditMsg);
author	Ade Lee <alee@redhat.com>	2015-02-11 16:28:50 -0500
committer	Ade Lee <alee@redhat.com>	2015-02-26 23:21:46 -0500
commit	705084a0021e161f1b4cea25dbaf622cfe68c47e (patch)
tree	bd423d083327a96423b9864e7851dffcc5b5ef99 /base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java
parent	3b6664da6c762a592573d5fa05043ecca20bf7a7 (diff)
download	pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.tar.gz pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.tar.xz pki-705084a0021e161f1b4cea25dbaf622cfe68c47e.zip